Consumers no longer treat e-commerce as an occasional alternative to brick-and-motor retail; in 2018 consumers expect the option to handle purchases, returns, and even customer service interaction online, often on-the-go via mobile applications. More importantly, they also expect that businesses will be faithful stewards of their personal data and fierce protectors of their privacy.
For evidence of this expectation, look no further than the recent controversy over Facebook's handling of user data.
Facebook's reputation and stock price have taken a beating since revelations surfaced about their user data being used by a political firm to target voters in the 2016 presidential election. Long story short: third party apps with access to user information such as interests, demographics and behaviors sold the information to Cambridge Analytica, a political data firm. This story continues to garner headlines and congressional attention as a whistleblower has come forward to state that the firm used Facebook data to suppress voter enthusiasm.
Simply stated, this has been an absolute mess for Facebook. Founder Mark Zuckerberg endured hours of pointed questions from Congressman and Senators in April, and two additional lawsuits may spell trouble for the companies already damaged reputation:
- A class-action suit brought on behalf of Illinois Facebook users will go forward, alleging that Facebook unlawfully collects biometric data from tagged photos. This suit will be a great test of Illinois' Biometric Information Privacy Act (Source: "Facebook Users' Biometric Privacy Suit Will Go Forward").
- Over a dozen plaintiffs lawyers are pursuing class action suits against Facebook as a result of the Cambridge Analytica scandal, which "could be the largest data breach ever" (Source: "Lawyer Suing Facebook: 'This Could Be the Largest Data Breach' Ever").
Your operation may be nowhere near the size and scope of Facebook's, but you can learn from Facebook's struggles so far this year. If any part of your business handles customer data, you need to be up front with consumers about what you do with it. Above all else, you need to protect that data from those who have not been explicitly authorized to access it.
If State or Federal laws are passed in the wake of this scandal, data security won't just be a good business practice; it will be the law.